I'm trying to display my PIs temperatures in a website that I can access anywhere at any time.
So far I've been able to get the CPU and GPU temps working. However my HDD temp won't show in the browser. It works fine in terminal.
Here is a pic:
As you'll notice I didn't have the GPU temp showing either, however this was fixed by using the following command:
sudo usermod -G video www-data
I haven't been successful in getting this to work for smartmoxntools, though.
Does anyone know how to make it work?
Also, is it safe to have these in an external website? Can hackers inject php code to run shell commands using it?
in order to run some root privileged command in website, you need to put www-data in your /etc/sudoers to allow the www-data to run as root for the command, here is the line you need in /etc/sudoers:
www-data ALL=(root) NOPASSWD: /usr/sbin/smartctl
When executing under your web server, your script will probably have a different PATH configured, so it will run differently from how it runs in the Terminal.
Try putting the full path to smartctl in your script, e.g.
sudo /usr/local/bin/smartctl -A -d sat /dev/sda | awk '/^194/ {print $10}'
Related
Okay so I want to change the file mode of a directory to 777 so I use the line
exec('chmod -R 777' . $dir);
where $dir is the directory path of the directory I wanna change
it doesn't seem to work but I don't get an error for it, also if the user I was executing the script from was a sudo user so I have to enter the password after I enter the command, how would I do this? Would it be something like exec('chmod -R 777' . $dir\n 'password'); ?
Information I get from this site
Execute system commands via PHP
Many a times we need to execute system commands on a Linux system – to delete a directory, or restart a service. However, since Apache does not run with root privileges, it is nearly impossible to use PHP’s exec(), system() or passthru() functions to achieve that.
The solution to this is very simple, specially on Ubuntu. The Apache’s user www-data need to be granted privileges to execute certain applications using sudo.
1.Run the command sudo visudo
2.At the end of the file, add the following
www-data ALL=NOPASSWD: /sbin/iptables, /usr/bin/du
This is assuming that you wish to run iptables and du using super user (root) privileges. However, if you wish to run every application using super user privileges, then add the following instead of what’s above
www-data ALL=NOPASSWD: ALL
3.That’s it, now use exec() in the following manner inside your .php script
exec ("sudo iptables -P FORWARD ACCEPT");
I actually try to laucnh a gnome-term with a php script, seems i have some problems with the users www-data;
my script make only a ls -l command in a directory (is just for a test) and i run it with a php page in my local-web site.
here the gnome-terminal command in my bash script (he run perfectly when i double-click on him) :
gnome-terminal --working-directory=/opt/cuckoo -x bash -c "ls -l"
and here is the call on the php-page :
system("/my/path/to/the/script/script.sh");
i have some echo in my script and i see them in the php page after i try to run the script with the php.page.
i think www-data don't have the right to do so i give the ownership of the script with the chown command, and at last a try the sudo visudo command and make the script execute like the user www-data is root (with NO PASSWD arg)
But i can't open the terminal and make a ls at last, i try with exec too, and show the result with $ouput butthe result is the same as well.
At last my question is : Php can really run a terminal or maybe a fool myself^^? Thanks for taking time to rescure me ;)
PHP can run everything, but depends who spawns it. Forget just running X apps from a web server - you'll need more than just executing them (permissions, DISPLAY and Xauth settings). Read more about the X clients and architecture.
Probably the right place to ask this is at SuperUser, since the problem is not in the coding itself.
I am trying to run adb from PHP using:
exec( 'adb devices', $output, $return_val );
but I get 126 error.
I think the problem is that php is running as 'www-data' user and does not have permissions to execute adb.
Any solutions?
Check this site out:
http://bzed.de/posts/2009/05/howto_set_android_developer_device_permissions_with_udev/
And add www-data to androiddev.
You need to add your specific model to the udev-lines. You can find the vendor- and product-id by connecting your phone to your computer and executing lsusb in a terminal.
You get something like:
Bus 001 Device 002: ID 413c:a001 Dell Computer Corp. Hub
where 413c is the Vendor ID and a001 is the ID of the product. Of course, your cell phone should be the line instead of "Dell Computer"...
Good luck!
If you are working on Windows, the easier solution that I know is:
Create a file.bat with the order adb devices and the variables $1 and $2.
Call the file.bat with php using exec command
That should work.
If you are working on Linux, use a /bin/bash. And use the same procedure.
Your friend google will help you if don't know how to do the scripts.
Although this is not a solution for 126 error, it's a way to run adb from php on Linux Debian 8.
If you have installed android-tools-adb, surely have noted that a new group has be created: adb, the user www-data must belong to it:
usermod -a -G adb www-data
And if you have using a Android version greater than or equal to 4.4.2 you need to accept RSA key fingerprint on screen on your cell phone, that at the same time makes a hidden directory in your computer named .android on user home path, there, will be stored both adbkey and adbkey.pub files, running:
cat /etc/passwd | grep www-data
You get
www-data:x:33:33:www-data:/var/www
Therefore, /var/www is for www-data user,
So, I changed its group from root to www-data
chown root:www-data /var/www
Then, I set write permissions
chmod 775 /var/www/
Now, .android directory can be created. Despite the message when you're going to accept RSA key fingerprint says: "Always allow from this computer", you must accept each user for computer if adb command is being used by different users on the same computer
And you can just try the adb command as www-data user, executing: (as root)
sudo -u www-data adb devices -l
I hope this helps someone else
I am running Apache on my localhost. From a PHP script run as www-user I would like to control Rhythmbox playback on my machine. So far I have a simple command in my PHP script:
exec('rhythmbox-client --pause');
This works great when I run it from the command-line as me, but if it runs as www-user I guess rhythmbox-client doesn't know/can't access my instance of Rhythmbox.
Is there an easy way for that PHP script to run as my user rather than www-user, or to tell rhythmbox-client which instance to control?
The overall application is that when my phone goes off-hook it calls my PHP script which pauses music, and resumes playback when the phone is on-hook. I love VoIP phones!
Solution:
Thanks to Carpetsmoker and Tarek I used sudo as the answer but there was a couple of problems. To overcome them I did the following:
Created a bash script to call rhythmbox-client. This bash script was executed using sudo in PHP as described in the answer below. Unfortunately rhythmbox-client didn't know what environment to control, so the bash script looks like this:
#! /bin/bash
DBUS_ADDRESS=`grep -z DBUS_SESSION_BUS_ADDRESS /proc/*/environ 2> /dev/null| sed 's/DBUS/\nDBUS/g' | tail -n 1`
if [ "x$DBUS_ADDRESS" != "x" ]; then
export $DBUS_ADDRESS
/usr/bin/rhythmbox-client --pause
fi
Now that bash script can be executed by PHP and wwwuser, and my phone can pause/play my music!
One solution is using sudo(8):
exec('sudo -u myuser ls /');
You will, obviously, need to setup sudo(8) to allow the user running your webserver to invoke it. Editing the sudoers file with visudo(8), you can use something like:
wwwuser ALL=/usr/bin/rhythmbox-client
To prevent Apache from being able to run other commands and only the rythymbox command.
In my case, the solution came this way:
Added this lines to sudoers file:
myuser ALL=(ALL) NOPASSWD: /usr/bin/prlctl
_www ALL=(ALL) NOPASSWD: /usr/bin/prlctl # IMPORTANT!!!
The EXEC() command in PHP was changed to:
exec("sudo -u myuser prlctl list -a", $out, $r);
If a process can be run by any user it can be run by PHP. Example is fortune command
-rwxr-xr-x 1 root root 18816 Oct 1 2009 /usr/games/fortune
Look at the x permission for every user. But this some times doesn't at all work and you may have to let the user, www-data or apache etc, run the program. You can sudo www-data and try to run the command. If it works then Apache/PHP should be able to run it.
I am trying to backup all the files on our server using some SSH commands via PHP and I have a script working to some extent.
The problem is that only some of the folders actually contain any files but the folder structure seems to be correct though.
This is the script I am using:
<?php
$output = `cd /
ls -al
tar -cf /home/b/a/backup/web/public_html/archive.tar home/*`;
echo "<pre>$output</pre>";
?>
I cant even view the files via SSH commands, an example of this is the test account. If I use the following command I am unable to view the website files.
<?php
$output = `cd /home/t/e/test/
ls -alRh`;
echo "<pre>$output</pre>";
?>
But if I use the same commands on the a different account I am able to see and download of the website files.
Is this a permission problem or am I missing something in my script?
Thanks
ls -l / | grep home
the output will be like this:
lrwxr-xr-x 1 root wheel 8 Mar 30 14:13 home -> usr/home
In my case, the owner is root, and the root user its primary group is wheel, so now we add www-data user to wheel group so he can list files in there:
usermod -a -G wheel www-data
You can download some files because they located in directory owned by www-data user, and when you can't, www-data has no permission in that.
I think it permission problem, try to give apache user(or what you set it) permission to read /home/* directory's.
To find the user name that used by apache service run this:
For linux:
egrep -iw --color=auto 'user|group' /etc/httpd/conf/httpd.conf
For FreeBSD:
egrep -iw --color=auto '^user|^group' /usr/local/etc/apache22/httpd.conf
My guess is that PHP is running in a chroot.
If you just want to execute a backup, consider doing it in a different language. Especially if it is just a sequence of UNIX commands, write a shell script. Perhaps more details on what this script will be used for and who is providing and maintaining your hosting will be useful.